IPsec and IKE MIB Support forCisco VRF-Aware IPsec

The IPsec and IKE MIB Support for Cisco VRF-Aware IPsec feature provides manageability of Virtual Private Network routing and forwarding- (VRF-) aware IP security (IPsec) using MIBs. The benefit of this feature is that VRF-aware IPsec MIBs provide the granular details of IPsec statistics and performance metrics on a VRF basis.

History for the IPsec and IKE MIB Support for Cisco VRF-Aware IPsec Feature

Release

Modification

12.4(4)T

This feature was introduced.

Finding Support Information for Platforms and Cisco IOS Software Images

Use Cisco Feature Navigator to find information about platform support and Cisco IOS software image support. Access Cisco Feature Navigator at http://www.cisco.com/go/fn. You must have an account on Cisco.com. If you do not have an account or have forgotten your username or password, click Cancel at the login dialog box and follow the instructions that appear.

Information About IPsec and IKE MIB Support forCisco VRF-Aware IPsec

MIBs Supported by the IPsec and IKE MIB Support forCisco VRF-Aware IPsec Feature

The following MIBs are supported by the IPsec and IKE MIB Support for Cisco VRF-Aware IPsec feature:

•CISCO-IPSEC-FLOW-MONITOR-MIB

•CISCO-IPSEC-MIB

•The CISCO-IPSEC-POLICY-MAP-MIB continues to be supported. However, because this MIB applies to the entire router rather than to a specific VPN VRF instance, it is not VRF aware; therefore, polling of the object identifiers (OIDs) that belong to this MIB is accomplished with respect to the global VRF context.

Configuration Examples for IPsec and IKE MIB Support for Cisco VRF-Aware IPsec

Configuration That Has Two VRFs: Examples

The following output example is for a typical hub configuration that has two VRFs. The output is what you would see if you were to poll for the IPsec security association (SA). Router 3745b is the VRF-aware router.

Two VRFs Configured

The following output shows that two VRFs have been configured (vrf1 and vrf2).

RFCs

RFC

Title

No new or modified RFCs are supported by this feature, and support for existing RFCs has not been modified by this feature.

—

Technical Assistance

Description

Link

The Cisco Technical Support website contains thousands of pages of searchable technical content, including links to products, technologies, solutions, technical tips, and tools. Registered Cisco.com users can log in from this page to access even more content.